package com.shiro.config;

import com.shiro.pojo.User;
import com.shiro.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;

import javax.swing.*;
import java.util.Arrays;
import java.util.Collection;

/**
 * @author ZhangJunqi
 * @Date 2022/3/7 -22:42
 */
public class UserRealm extends AuthorizingRealm {
    @Autowired
    private UserService userService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("授权");
        SimpleAuthorizationInfo simpleAuthorizationInfo= new SimpleAuthorizationInfo ();
        //simpleAuthorizationInfo.addStringPermission ("user:add");
        Subject subject= SecurityUtils.getSubject ();
        User user=(User) subject.getPrincipal ();
        System.out.println ("user.toString () = " + user.toString ());
        if(user.getUserPerms ()!=null && user.getUserPerms ()!=null){
            Collection<String> permissions= Arrays.asList (user.getUserPerms ().split (" "));
            simpleAuthorizationInfo.addStringPermissions (permissions);
        }
        return simpleAuthorizationInfo;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("认证");
        UsernamePasswordToken token= (UsernamePasswordToken) authenticationToken;
        User user=userService.getUserByName(token.getUsername ());
        //默认加密
        //AuthorizingRealm————AuthenticatingRealm————AuthenticatingRealm中的CredentialsMatcher
        if(user==null){
            System.out.println("UserRealm 用户名错误");
            return null;
        }else if(user.getUserStatus ()==1){
            System.out.println("UserRealm 用户锁定");
            throw new LockedAccountException();
        } else{
            System.out.println ("user = " + user);
            AuthenticationInfo authenticationInfo=new SimpleAuthenticationInfo (user,user.getUserPsw (),getName ());
            return authenticationInfo;
        }

    }

//    public void clearCachedAuthorizationInfo(Principal principal) {
//        Subject subject = SecurityUtils.getSubject();
//        // String realmName = subject.getPrincipals().getRealmNames().iterator().next();
//        SimplePrincipalCollection principals = new SimplePrincipalCollection(principal,getName());
//        subject.runAs(principals);
//        clearCachedAuthorizationInfo(subject.getPrincipals());
//        subject.releaseRunAs();
//    }
    /*
    解决思路，利用shiro清空当前用户权限的方法，将当前用户进行设置假身份为目标用户，
        也就是需要修改的用户，subject.runAs(principals); 然后进行clearCachedAuthorizationInfo权限清空，
        清空后再恢复原身份，subject.releaseRunAs();

        1、获取当前用户subject（shiro登录对象）
        2、生成目标用户自定义信息SimplePrincipalCollection
        3、将当前用户设置为目标用户（假定身份）
        4、进行权限清空操作
        5、将假定身份恢复为之前登录用户；
*/



    //找到缓存后台轮训线程，到达时间修改用户数据库状态
}
